DETAILED ACTION
Election/Restrictions 

Applicant's election without traverse of claims 1-7, 14-20, and 25-31 in the reply filed on 
2/28/07 is acknowledged. 

Response to Arguments 

Applicant's arguments with respect to claims 1-35 have been considered but are moot in 
view of the new ground(s) of rejection in view of Anton Jr. 7,185,360 and Wood US 
6,892,307. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1 and 3-6 are rejected under 35 U.S.C. 103(a) as being unpatentable over
Anton Jr. US 7,185,360 in view of Wood US 6,892,307 

As per claim 1, Anton Jr. teaches a method for an authentication process within a
distributed data processing system (internet) (Col 4 lines 23-26), the method comprising:
receiving an authentication information from a client at a host (authentication web server)
(Col 9 lines 62-66). Anton Jr. teaches forwarding the authentication data to a controlled
resource (gateway server) (Col 9 line 65- Col 10 line 3). Anton Jr. does not teach a
certificate or encryption. 

Wood teaches a method for an authentication process within a distributed data processing 
system, the method comprising: receiving an attribute certificate (credentials structure) 
(Col 18 lines 34-35) from a client (browser client) (Col 18 line 38) at a host 
(authentication service) (Col 18 line 50) within the distributed data processing system 
(enterprise system) (Col 7 lines 34-36); extracting encrypted authentication data from the 
attribute certificate (decrypting) (Col 18 lines 54-55), wherein the encrypted 
authentication data was generated by encrypting authentication data with a public key 
associated with the host (encrypted with public key of authentication service) (Col 18 
lines 49-51); decrypting the encrypted authentication data to regenerate the authentication 
data using a private key associated with the host (decrypting with using authentication 
service private key) (Col 18 lines 54-55). Wood fails to teach forwarding the 
authentication data to a controlled resource. 

It would have been obvious to one of ordinary skill in the art to use the encryption of 
Wood with the System of Anton because it would enhance security and the inventions are 
of analogous arts. 

As per claim 3, Wood teaches the authentication data comprises a user identity and a
password (username password pair)(Claim 27). 

As per claim 4, Anton Jr. teaches authenticating the client for access to the controlled 
resource based on the authentication data (sends unblock message), (Col 10 lines 36-38). 

As per claim 5, Wood teaches that the certificate (credential structure) (Col 18 line 35)
contains multiple sets of authentication data (at least 2) (claim 27) for multiple hosts 
(plural information resources) (claim 24), the method further comprising: parsing the 
authentication data to retrieve a specific set of authentication data for the host (obtaining 
the credential) (claim 24). 

As per claim 6, Wood teaches that the authentication data (credential structure) (Col 18
line 35) contains multiple sets of authentication parameters (at least 2) (claim 27) for 
multiple controlled resources (plural information resources) (claim 24), the method 
further comprising: parsing the authentication data to retrieve a specific set of 
authentication data for the controlled resource (obtaining the credential) (claim 24). 

Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Anton Jr. US 
7,185,360 in view of Wood US 6,892,307 in view of Olden US 6,460,141 

As per claim 2 the previous Anton Jr.-Wood combination does not teach legacy 
applications. 

Olden teaches the controlled resource is a legacy application (legacy application) (Col 25 
lines 20-25). It would have been obvious to one of ordinary skill in the art to use the 
legacy application of Olden with the system of Anton Jr.-Wood because it maintains 
backwards compatibility and they are of analogous arts. 

Claim 7 is rejected under 35 U.S.C. 103(a) as being unpatentable over Anton Jr. US
7,185,360 in view of Wood US 6,892,307 in view of Butt US 6,754,829 

As per claim 7, the previous Anton Jr.-Wood combination does not teach the X.509
standard. Butt teaches certificates are formatted according to an X.509 standard (X.509) 
(Col 4 lines 56-65). 

It would have been obvious to one of ordinary skill in the art to use the X.509 standard 
because it is well known and operating system independent (Col 4 lines 60-65). 

Claims 14 and 16-19 are rejected under 35 U.S.C. 103(a) as being unpatentable over
Anton Jr. US 7,185,360 in view of Wood US 6,892,307 

As per claim 14, Anton Jr. teaches an apparatus for an authentication process within a 
distributed data processing system (internet) (Col 4 lines 23-26), the method comprising: 
receiving an authentication information from a client at a host (authentication web server) 
(Col 9 lines 62-66). Anton Jr. teaches forwarding the authentication data to a controlled
resource (gateway server) (Col 9 line 65- Col 10 line 3). Anton Jr. does not teach a 
certificate or encryption. 

Wood teaches a method for an authentication process within a distributed data processing 
system, the method comprising: receiving an attribute certificate (credentials structure) 
(Col 18 lines 34-35) from a client (browser client) (Col 18 line 38) at a host 
(authentication service) (Col 18 line 50) within the distributed data processing system 
(enterprise system) (Col 7 lines 34-36); extracting encrypted authentication data from the
attribute certificate (decrypting) (Col 18 lines 54-55), wherein the encrypted 
authentication data was generated by encrypting authentication data with a public key 
associated with the host (encrypted with public key of authentication service) (Col 18
lines 49-51); decrypting the encrypted authentication data to regenerate the authentication 
data using a private key associated with the host (decrypting with using authentication 
service private key) (Col 18 lines 54-55). Wood fails to teach forwarding the 
authentication data to a controlled resource. 

It would have been obvious to one of ordinary skill in the art to use the encryption of 
Wood with the System of Anton because it would enhance security and the inventions are 
of analogous arts. 

As per claim 16, Wood teaches the authentication data comprises a user identity and a
password (username password pair)(Claim 27). 

As per claim 17, Anton Jr. teaches authenticating the client for access to the controlled
resource based on the authentication data (sends unblock message), (Col 10 lines 36-38). 

As per claim 18, Wood teaches that the certificate (credential structure) (Col 18 line 35)
contains multiple sets of authentication data (at least 2) (claim 27) for multiple hosts 
(plural information resources) (claim 24), the method further comprising: parsing the 
authentication data to retrieve a specific set of authentication data for the host (obtaining 
the credential) (claim 24). 

As per claim 19, Wood teaches that the authentication data (credential structure) (Col 18
line 35) contains multiple sets of authentication parameters (at least 2) (claim 27) for 
multiple controlled resources (plural information resources) (claim 24), the method 
further comprising: parsing the authentication data to retrieve a specific set of 
authentication data for the controlled resource (obtaining the credential) (claim 24). 

Claim 15 is rejected under 35 U.S.C. 103(a) as being unpatentable over Anton Jr. 
US 7,185,360 in view of Wood US 6,892,307 in view of Olden US 6,460,141 

As per claim 15, the previous Anton Jr.-Wood combination does not teach legacy
applications. 

Olden teaches the controlled resource is a legacy application (legacy application) (Col 25 
lines 20-25). It would have been obvious to one of ordinary skill in the art to use the 
legacy application of Olden with the system of Anton Jr.-Wood because it maintains 
backwards compatibility and they are of analogous arts. 

Claim 20 is rejected under 35 U.S.C. 103(a) as being unpatentable over Anton Jr. 
US 7,185,360 in view of Wood US 6,892,307 in view of Butt US 6,754,829 

As per claim 20, the previous Anton Jr.-Wood combination does not teach the X.509
standard. Butt teaches certificates are formatted according to an X.509 standard (X.509) 
(Col 4 lines 56-65). 

It would have been obvious to one of ordinary skill in the art to use the X.509 standard
because it is well known and operating system independent (Col 4 lines 60-65). 

Claims 25 and 27-30 are rejected under 35 U.S.C. 103(a) as being unpatentable over
Anton Jr. US 7,185,360 in view of Wood US 6,892,307 

As per claim 25, Anton Jr. teaches a computer program product for an authentication
process within a distributed data processing system (internet) (Col 4 lines 23-26), the 
method comprising: receiving an authentication information from a client at a host 
(authentication web server) (Col 9 lines 62-66). Anton Jr. teaches forwarding the
authentication data to a controlled resource (gateway server) (Col 9 line 65- Col 10 line 
3). Anton Jr. does not teach a certificate or encryption. 

Wood teaches a method for an authentication process within a distributed data processing 
system, the method comprising: receiving an attribute certificate (credentials structure) 
(Col 18 lines 34-35) from a client (browser client) (Col 18 line 38) at a host 
(authentication service) (Col 18 line 50) within the distributed data processing system 
(enterprise system) (Col 7 lines 34-36); extracting encrypted authentication data from the 
attribute certificate (decrypting) (Col 18 lines 54-55), wherein the encrypted 
authentication data was generated by encrypting authentication data with a public key 
associated with the host (encrypted with public key of authentication service) (Col 18 
lines 49-51); decrypting the encrypted authentication data to regenerate the authentication 
data using a private key associated with the host (decrypting with using authentication
service private key) (Col 18 lines 54-55). Wood fails to teach forwarding the 
authentication data to a controlled resource. 

It would have been obvious to one of ordinary skill in the art to use the encryption of 
Wood with the System of Anton because it would enhance security and the inventions are 
of analogous arts. 

As per claim 27, Wood teaches the authentication data comprises a user identity and a
password (username password pair)(Claim 27). 

As per claim 28, Anton Jr. teaches authenticating the client for access to the controlled 
resource based on the authentication data (sends unblock message), (Col 10 lines 36-38). 

As per claim 29, Wood teaches that the certificate (credential structure) (Col 18 line 35)
contains multiple sets of authentication data (at least 2) (claim 27) for multiple hosts 
(plural information resources) (claim 24), the method further comprising: parsing the 
authentication data to retrieve a specific set of authentication data for the host (obtaining 
the credential) (claim 24). 

As per claim 30, Wood teaches that the authentication data (credential structure) (Col 18
line 35) contains multiple sets of authentication parameters (at least 2) (claim 27) for 
multiple controlled resources (plural information resources) (claim 24), the method 
further comprising: parsing the authentication data to retrieve a specific set of 
authentication data for the controlled resource (obtaining the credential) (claim 24). 

Claim 26 is rejected under 35 U.S.C. 103(a) as being unpatentable over Anton Jr.
US 7,185,360 in view of Wood US 6,892,307 in view of Olden US 6,460,141 

As per claim 26 the previous Anton Jr.-Wood combination does not teach legacy 
applications. 

Olden teaches the controlled resource is a legacy application (legacy application) (Col 25 
lines 20-25). It would have been obvious to one of ordinary skill in the art to use the 
legacy application of Olden with the system of Anton Jr.-Wood because it maintains 
backwards compatibility and they are of analogous arts. 

Claim 31 is rejected under 35 U.S.C. 103(a) as being unpatentable over Anton Jr. 
US 7,185,360 in view of Wood US 6,892,307 in view of Butt US 6,754,829 

As per claim 31, the previous Anton Jr.-Wood combination does not teach the X.509
standard. Butt teaches certificates are formatted according to an X.509 standard (X.509) 
(Col 4 lines 56-65). 

It would have been obvious to one of ordinary skill in the art to use the X.509 standard 
because it is well known and operating system independent (Col 4 lines 60-65). 

Conclusion



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christopher J. Brown whose telephone number is 
(571)272-3833. The examiner can normally be reached on 8:30-6:00. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on (571)272-3811. The fax phone number for
the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO 
Customer Service Representative or access to the automated information system, call 
800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Christopher J. Brown 5/13/07 




